Discussion:
Apache SSL proxy to Weblogic fails
Stromas, Aaron
2014-09-19 17:04:22 UTC
Permalink
Greetings,

I am looking for help with a problem I've ran into a using mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit, OpenSSL 1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on Redhat. The mod_ssl is configured correctly - it works when proxying to SSL connections to non-SSL serves. Also, the certificate on the proxy was issued with extensions allowing it to be used as both SSL client and server.

Yet, the Apache proxy fails connection over SSL to the Weblogic's HTTPS port. Below is the excerpt from the Apache errors log. Any advice will be gerately appreciated. TIA

[Thu Sep 18 09:32:14 2014] [debug] mod_proxy.c(1036): Running scheme https handler (attempt 0)
[Thu Sep 18 09:32:14 2014] [debug] mod_proxy_http.c(1995): proxy: HTTP: serving URL https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2022): proxy: HTTPS: has acquired connection for (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2078): proxy: connecting https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user to appdev2.example.com:8102
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2236): proxy: connected /auth/logon.jsp?aa_param=user to appdev2.example.com:8102
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2487): proxy: HTTPS: fam 2 socket created to connect to appdev2.example.com
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2619): proxy: HTTPS: connection complete to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection to child 0 established (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [info] Seeding PRNG with 144 bytes of entropy
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1090): [client 10.40.0.224] SNI extension for SSL Proxy request set to 'appdev2.example.com'
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1903): OpenSSL: Handshake: start
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1911): OpenSSL: Loop: before/connect initialization
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1911): OpenSSL: Loop: SSLv2/v3 write client hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1939): OpenSSL: read 7/7 bytes from BIO#994fe0 [mem: 9ea880] (BIO dump follows)
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1872): +-------------------------------------------------------------------------+
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1911): | 0000: 15 03 00 00 02 02 28 ......( |
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1917): +-------------------------------------------------------------------------+
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1916): OpenSSL: Read: SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1940): OpenSSL: Exit: error in SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] SSL Proxy connect failed
[Thu Sep 18 09:32:14 2014] [info] SSL Library Error: 336032784 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection closed to child 0 with abortive shutdown (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [error] (502)Unknown error 502: proxy: pass request body failed to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [error] [client 141.1.3.134] proxy: Error during SSL Handshake with remote server returned by /auth/logon.jsp
[Thu Sep 18 09:32:14 2014] [error] proxy: pass request body failed to 10.40.0.224:8102 (appdev2.example.com) from 141.1.3.134 ()
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2040): proxy: HTTPS: has released connection for (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1921): OpenSSL: Write: SSL negotiation finished successfully
[Thu Sep 18 09:32:14 2014] [info] [client 141.1.3.134] Connection closed to child 2 with standard shutdown (server aaproxiedel1:443)

Best regards,

-a
________________________________
Aaron Stromas | RSA The Security Division of EMC | Practice Consultant | Identity & Fraud Protection Practice | M - 240 271 64 58 | aaron.stromas-***@public.gmane.org<mailto:aaron.stromas-***@public.gmane.org>
Lewis Rosenthal
2014-09-19 18:10:38 UTC
Permalink
Hi, Aaron...
Post by Stromas, Aaron
Greetings,
I am looking for help with a problem I've ran into a using
mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit,
OpenSSL 1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on
Redhat. The mod_ssl is configured correctly - it works when proxying
to SSL connections to non-SSL serves. Also, the certificate on the
proxy was issued with extensions allowing it to be used as both SSL
client and server.
Yet, the Apache proxy fails connection over SSL to the Weblogic’s
HTTPS port. Below is the excerpt from the Apache errors log. Any
advice will be gerately appreciated. TIA
<snip>
Post by Stromas, Aaron
Exit: error in SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] SSL Proxy connect failed
[Thu Sep 18 09:32:14 2014] [info] SSL Library Error: 336032784
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection
closed to child 0 with abortive shutdown (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [error] (502)Unknown error 502: proxy: pass
request body failed to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [error] [client 141.1.3.134] proxy: Error
during SSL Handshake with remote server returned by /auth/logon.jsp
[Thu Sep 18 09:32:14 2014] [error] proxy: pass request body failed to
10.40.0.224:8102 (appdev2.example.com) from 141.1.3.134 ()
has released connection for (appdev2.example.com)
Write: SSL negotiation finished successfully
[Thu Sep 18 09:32:14 2014] [info] [client 141.1.3.134] Connection
closed to child 2 with standard shutdown (server aaproxiedel1:443)
What cipher suites is the server behind the proxy set to accept, and
what version of SSL is that server using?
--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC www.2rosenthals.com
visit my IT blog www.2rosenthals.net/wordpress
IRS Circular 230 Disclosure applies see www.2rosenthals.com
-------------------------------------------------------------
--
This email was Anti Virus checked by Astaro Security Gateway. http://www.astaro.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Stromas, Aaron
2014-09-19 18:27:35 UTC
Permalink
Hi Lewis,



The Weblogic logs show the following ciphers on startup:



<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>

<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>

<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA>

<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_AES_256_CBC_SHA>



Based on the error, it looks to be a CertiCom SSL provider which supports TLSv1/SSLv3 and SSLv2.

I had tried to experiment with SSLCipherSuite but met no success. Last value I attempted was ALL:RC4+RSA:+HIGH:+MEDIUM:+LOW:!NULL:+SSLv2:+EXP



This is what I see in the Weblogic log:



<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 23944274>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <27112312 SSL3/TLS MAC>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <27112312 received HANDSHAKE>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ClientHello>

<Sep 18, 2014 3:01:42 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 40

java.lang.Exception: New alert stack

at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)

at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)

at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)

at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)

at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)

at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)

at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)

at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)

at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)

at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)

at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)

at weblogic.work.ExecuteThread.run(ExecuteThread.java:173





Best regards,



-a



Aaron Stromas | RSA The Security Division of EMC | Practice Consultant | Identity & Fraud Protection Practice | M – 240 271 64 58 | ***@rsa.com





-----Original Message-----
From: owner-openssl-***@openssl.org [mailto:owner-openssl-***@openssl.org] On Behalf Of Lewis Rosenthal
Sent: Friday, 19 September, 2014 14:11
To: openssl-***@openssl.org
Subject: Re: Apache SSL proxy to Weblogic fails



Hi, Aaron...
Post by Stromas, Aaron
Greetings,
I am looking for help with a problem I've ran into a using
mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit,
OpenSSL 1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on
Redhat. The mod_ssl is configured correctly - it works when proxying
to SSL connections to non-SSL serves. Also, the certificate on the
proxy was issued with extensions allowing it to be used as both SSL
client and server.
Yet, the Apache proxy fails connection over SSL to the Weblogic’s
HTTPS port. Below is the excerpt from the Apache errors log. Any
advice will be gerately appreciated. TIA
<snip>
Post by Stromas, Aaron
Exit: error in SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] SSL Proxy
connect failed
[Thu Sep 18 09:32:14 2014] [info] SSL Library Error: 336032784
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection
closed to child 0 with abortive shutdown (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [error] (502)Unknown error 502: proxy: pass
request body failed to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [error] [client 141.1.3.134] proxy: Error
during SSL Handshake with remote server returned by /auth/logon.jsp
[Thu Sep 18 09:32:14 2014] [error] proxy: pass request body failed to
10.40.0.224:8102 (appdev2.example.com) from 141.1.3.134 ()
has released connection for (appdev2.example.com)
Write: SSL negotiation finished successfully
[Thu Sep 18 09:32:14 2014] [info] [client 141.1.3.134] Connection
closed to child 2 with standard shutdown (server aaproxiedel1:443)
What cipher suites is the server behind the proxy set to accept, and what version of SSL is that server using?
--
Lewis

-------------------------------------------------------------

Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA

Rosenthal & Rosenthal, LLC www.2rosenthals.com<http://www.2rosenthals.com>

visit my IT blog www.2rosenthals.net/wordpress<http://www.2rosenthals.net/wordpress>

IRS Circular 230 Disclosure applies see www.2rosenthals.com<http://www.2rosenthals.com>

-------------------------------------------------------------
--
This email was Anti Virus checked by Astaro Security Gateway. http://www.astaro.com

______________________________________________________________________

OpenSSL Project http://www.openssl.org

User Support Mailing List openssl-***@openssl.org<mailto:openssl-***@openssl.org>

Automated List Manager ***@openssl.org<mailto:***@openssl.org>
Thulasi Goriparthi
2014-09-23 07:19:39 UTC
Permalink
Post by Stromas, Aaron
Greetings,
I am looking for help with a problem I've ran into a using
mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit, OpenSSL
1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on Redhat. The
mod_ssl is configured correctly - it works when proxying to SSL connections
to non-SSL serves. Also, the certificate on the proxy was issued with
extensions allowing it to be used as both SSL client and server.
Yet, the Apache proxy fails connection over SSL to the Weblogic’s HTTPS
port. Below is the excerpt from the Apache errors log. Any advice will be
gerately appreciated. TIA
[Thu Sep 18 09:32:14 2014] [debug] mod_proxy.c(1036): Running scheme https
handler (attempt 0)
serving URL https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2022): proxy: HTTPS: has
acquired connection for (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2078): proxy: connecting
https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user to
appdev2.example.com:8102
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2236): proxy: connected
/auth/logon.jsp?aa_param=user to appdev2.example.com:8102
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2487): proxy: HTTPS: fam 2
socket created to connect to appdev2.example.com
connection complete to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection to child
0 established (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [info] Seeding PRNG with 144 bytes of entropy
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1090): [client
10.40.0.224] SNI extension for SSL Proxy request set to '
appdev2.example.com'
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1903): OpenSSL: Handshake: start
Loop: before/connect initialization
Loop: SSLv2/v3 write client hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1939): OpenSSL: read
7/7 bytes from BIO#994fe0 [mem: 9ea880] (BIO dump follows)
+-------------------------------------------------------------------------+
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1911): | 0000: 15 03 00
00 02 02 28 ......( |
+-------------------------------------------------------------------------+
Content type 15 is alert.
Post by Stromas, Aaron
Read: SSLv2/v3 read server hello A
Exit: error in SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] SSL Proxy connect failed
[Thu Sep 18 09:32:14 2014] [info] SSL Library Error: 336032784
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake
failure
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection closed
to child 0 with abortive shutdown (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [error] (502)Unknown error 502: proxy: pass
request body failed to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [error] [client 141.1.3.134] proxy: Error
during SSL Handshake with remote server returned by /auth/logon.jsp
[Thu Sep 18 09:32:14 2014] [error] proxy: pass request body failed to
10.40.0.224:8102 (appdev2.example.com) from 141.1.3.134 ()
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2040): proxy: HTTPS: has
released connection for (appdev2.example.com)
Write: SSL negotiation finished successfully
[Thu Sep 18 09:32:14 2014] [info] [client 141.1.3.134] Connection closed
to child 2 with standard shutdown (server aaproxiedel1:443)
Best regards,
-a
------------------------------
*Aaron Stromas | ** RSA ** The Security Division of EMC | Practice
Consultant | Identity & Fraud Protection Practice | M – 240 271 64 58 |
Stromas, Aaron
2014-09-23 12:54:10 UTC
Permalink
I suspected that Apache and Weblogic fail to agree on the ciphers. The Weblogic logs shows its ciphers:
<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>
<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>
<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA>
<Sep 18, 2014 2:05:52 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_AES_256_CBC_SHA>

I’ve been trying to match them using the SSLCipherSuite directive, for example, setting it to AES:RC4+RSA:!TLSv1.2:!ECDH:!SPR:!DSS:!PSK:!EXP but none of the values work.


Best regards,

-a
________________________________
Aaron Stromas | RSA The Security Division of EMC | Practice Consultant | Identity & Fraud Protection Practice | M – 240 271 64 58 | ***@rsa.com<mailto:***@rsa.com>

From: owner-openssl-***@openssl.org [mailto:owner-openssl-***@openssl.org] On Behalf Of Thulasi Goriparthi
Sent: Tuesday, 23 September, 2014 03:20
To: openssl-***@openssl org
Subject: Re: Apache SSL proxy to Weblogic fails



On 19 September 2014 22:34, Stromas, Aaron <***@rsa.com<mailto:***@rsa.com>> wrote:
Greetings,

I am looking for help with a problem I've ran into a using mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit, OpenSSL 1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on Redhat. The mod_ssl is configured correctly - it works when proxying to SSL connections to non-SSL serves. Also, the certificate on the proxy was issued with extensions allowing it to be used as both SSL client and server.

Yet, the Apache proxy fails connection over SSL to the Weblogic’s HTTPS port. Below is the excerpt from the Apache errors log. Any advice will be gerately appreciated. TIA

[Thu Sep 18 09:32:14 2014] [debug] mod_proxy.c(1036): Running scheme https handler (attempt 0)
[Thu Sep 18 09:32:14 2014] [debug] mod_proxy_http.c(1995): proxy: HTTP: serving URL https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2022): proxy: HTTPS: has acquired connection for (appdev2.example.com<http://appdev2.example.com>)
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2078): proxy: connecting https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user to appdev2.example.com:8102<http://appdev2.example.com:8102>
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2236): proxy: connected /auth/logon.jsp?aa_param=user to appdev2.example.com:8102<http://appdev2.example.com:8102>
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2487): proxy: HTTPS: fam 2 socket created to connect to appdev2.example.com<http://appdev2.example.com>
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2619): proxy: HTTPS: connection complete to 10.40.0.224:8102<http://10.40.0.224:8102> (appdev2.example.com<http://appdev2.example.com>)
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection to child 0 established (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [info] Seeding PRNG with 144 bytes of entropy
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1090): [client 10.40.0.224] SNI extension for SSL Proxy request set to 'appdev2.example.com<http://appdev2.example.com>'
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1903): OpenSSL: Handshake: start
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1911): OpenSSL: Loop: before/connect initialization
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1911): OpenSSL: Loop: SSLv2/v3 write client hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1939): OpenSSL: read 7/7 bytes from BIO#994fe0 [mem: 9ea880] (BIO dump follows)
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1872): +-------------------------------------------------------------------------+
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1911): | 0000: 15 03 00 00 02 02 28 ......( |
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1917): +-------------------------------------------------------------------------+
Content type 15 is alert.
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1916): OpenSSL: Read: SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1940): OpenSSL: Exit: error in SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] SSL Proxy connect failed
[Thu Sep 18 09:32:14 2014] [info] SSL Library Error: 336032784 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection closed to child 0 with abortive shutdown (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [error] (502)Unknown error 502: proxy: pass request body failed to 10.40.0.224:8102<http://10.40.0.224:8102> (appdev2.example.com<http://appdev2.example.com>)
[Thu Sep 18 09:32:14 2014] [error] [client 141.1.3.134] proxy: Error during SSL Handshake with remote server returned by /auth/logon.jsp
[Thu Sep 18 09:32:14 2014] [error] proxy: pass request body failed to 10.40.0.224:8102<http://10.40.0.224:8102> (appdev2.example.com<http://appdev2.example.com>) from 141.1.3.134 ()
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2040): proxy: HTTPS: has released connection for (appdev2.example.com<http://appdev2.example.com>)
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1921): OpenSSL: Write: SSL negotiation finished successfully
[Thu Sep 18 09:32:14 2014] [info] [client 141.1.3.134] Connection closed to child 2 with standard shutdown (server aaproxiedel1:443)

Best regards,

-a
________________________________
Aaron Stromas | RSA The Security Division of EMC | Practice Consultant | Identity & Fraud Protection Practice | M – 240 271 64 58 | ***@rsa.com<mailto:***@rsa.com>
Loading...